From b121fa2cc95ce8f95b7b78dd40c0971ed963c255 Mon Sep 17 00:00:00 2001
From: Bastien Nocera <hadess@hadess.net>
Date: Thu, 21 Mar 2019 15:37:01 +0100
Subject: [PATCH] uru4000: Work-around SELinux AVC warnings when driver starts

Work-around SELinux AVC warnings caused by p11-kit (which is an NSS
dependency) trying to load the root user's p11-kit configs. We disable
this feature using the P11_KIT_NO_USER_CONFIG envvar.

See https://bugzilla.redhat.com/show_bug.cgi?id=1688583
---
 libfprint/drivers/uru4000.c | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/libfprint/drivers/uru4000.c b/libfprint/drivers/uru4000.c
index 6a3722b..7e54add 100644
--- a/libfprint/drivers/uru4000.c
+++ b/libfprint/drivers/uru4000.c
@@ -1340,6 +1340,9 @@ static int dev_init(struct fp_img_dev *dev, unsigned long driver_data)
 		goto out;
 	}
 
+	/* Disable loading p11-kit's user configuration */
+	g_setenv ("P11_KIT_NO_USER_CONFIG", "1", TRUE);
+
 	/* Initialise NSS early */
 	rv = NSS_NoDB_Init(".");
 	if (rv != SECSuccess) {